CN201570063U - Personal internet banking multi-certificate system - Google Patents

Personal internet banking multi-certificate system

Info

Publication number
CN201570063U
Authority
CN
China
Prior art keywords
client
bank
web
certificate
internet banking
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN2009201700424U
Other languages
Chinese (zh)
Inventor
辛全龙
尚阳
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING RURAL COMMERCIAL BANK STOCK Co Ltd
Original Assignee
BEIJING RURAL COMMERCIAL BANK STOCK Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING RURAL COMMERCIAL BANK STOCK Co Ltd
Priority to CN2009201700424U
Application granted
Publication of CN201570063U
Anticipated expiration
Expired - Fee Related

Abstract

The utility model provides a personal internet banking multi-certificate system, comprising an internet banking system server, a personal internet banking client, a flash disk with a USB interface, and a multi-certificate system module for realizing personal internet banking. Through the personal internet banking client, a customer can apply to the internet banking system for certificates with different levels and operating permissions. The internet banking server distinguishes the relevant operating permissions according to the login certificate and provides the customer with a multi-permission system. In the utility model, after the customer applies for certificates with different levels and operating permissions, the internet banking system provides the corresponding operating permissions under the guarantee of a certificate authentication system, so that the customer's security is protected to the greatest extent and operation remains convenient for the customer.

Description

A personal internet banking multi-certificate system
Technical field
The utility model belongs to the technical field of internet banking, and specifically relates to a personal internet banking multi-certificate system.
Background art
With the rapid growth of e-mail and e-commerce, people face the major challenge of how to exchange information securely. As the range of applications of internet banking systems keeps expanding and customers' personalized demands keep changing, how to formulate a personalized authorization system for individual customers that satisfies their various demands is becoming more and more important. Data security and customer identity authentication have become increasingly important problems.
At present, most domestic internet banking systems usually provide an individual customer with only one certificate for completing the relevant transactions. The prior art has some potential safety hazards and inconveniences. It mainly relies on the SSL (Secure Socket Layer) protocol, but its security performance cannot satisfy the needs of existing internet banking applications. For internet banking, authentication is particularly important: only after the legal identity of the bank customer has been confirmed can safe, high-quality and efficient service be provided to the customer.
Summary of the utility model
The technical problem to be solved by the utility model is to provide an internet banking multi-certificate system realized by means of a certificate authentication system, an internet banking system and a USB KEY. The customer applies for certificates of different levels and operating permissions and, under the guarantee of the certificate authentication system, the internet banking system provides the corresponding operating permissions, protecting the customer's security to the greatest extent while keeping operation convenient.
The system of the utility model comprises an internet banking system server, a personal internet banking client, a flash disk with a USB interface, and a multi-certificate system module that implements personal internet banking. Through the personal internet banking client, the customer applies to the internet banking system for certificates of different levels and operating permissions, and uses the flash disk with the USB interface to encrypt and decrypt the certificates. Under the authentication of the personal internet banking multi-certificate system, the internet banking system provides the corresponding operating permissions. According to the customer's application, the internet banking system server, in combination with the multi-certificate system module, issues the customer a plurality of certificates with different authorizations; each certificate carries different permissions according to the customer's requirements and is stored in the flash disk with the USB interface. The internet banking server distinguishes the relevant operating permissions according to the login certificate, providing the customer with a multiple authorization system that comprehensively satisfies the customer's various needs.
After the customer chooses the certificate login mode to log in to the internet banking system and selects a certificate with particular permissions, the certificate is authenticated at the certificate authority (CA). A customer who passes authentication has the corresponding internet banking operating permissions; different certificates correspond to different operating permissions.
The certificate is a digital signature. In the digital signature process, the sender uses its own private key and an asymmetric cryptographic algorithm to encrypt the digital digest of the outgoing data, that is, the hash value H, and thereby obtains a piece of information called the digital signature; this is the signing process. After receiving the information together with the digital signature, the recipient decrypts the digital signature with the sender's public key and obtains a piece of plaintext, namely the digital digest of the received information. At the same time, the recipient performs a hash operation on the received data to obtain a hash value H', and then compares H with H'. If the two are identical, signature verification passes; if they differ, verification fails.
The operation steps comprise:
(1) the customer chooses to log in to the internet banking system by certificate;
(2) the customer selects the certificate to operate with;
(3) the internet banking system authenticates the certificate;
(4) after authentication passes, the relevant operating permissions are determined;
(5) the customer carries out the required internet banking operations.
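The signature check (H compared with H') and steps (1) to (5) above, as an added Python sketch that is not part of the patent text. The toy textbook-RSA CA key, the JSON certificate layout, the permission names and the customer id are assumptions made for illustration.

```python
import hashlib
import json

# Constructed demo CA key: textbook RSA over two Mersenne primes, no padding.
# Far too weak for real use; it only makes the H / H' comparison visible.
P, Q = 2**127 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # CA private exponent (Python 3.8+)


def digest(data: bytes) -> int:
    """Digital digest of the data, reduced to fit the toy modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N


def encode(body: dict) -> bytes:
    """Canonical byte form of a certificate body (assumed layout)."""
    return json.dumps(body, sort_keys=True, separators=(",", ":")).encode()


def issue(customer: str, serial: int, permissions: list) -> dict:
    """CA side: sign the digest H of the body with the private key."""
    body = {"customer": customer, "serial": serial,
            "permissions": sorted(permissions)}
    return {"body": body, "signature": pow(digest(encode(body)), D, N)}


def authenticate(cert: dict) -> frozenset:
    """Steps (3)-(4): recover H, recompute H', compare, return permissions."""
    h = pow(cert["signature"], E, N)        # H recovered with the public key
    h_prime = digest(encode(cert["body"]))  # H' computed over received data
    if h != h_prime:
        raise PermissionError("certificate signature does not verify")
    return frozenset(cert["body"]["permissions"])


def try_operation(cert: dict, operation: str) -> bool:
    """Step (5): allow an operation only if the login certificate grants it."""
    try:
        return operation in authenticate(cert)
    except PermissionError:
        return False


# Constructed sample: two certificates issued to one customer and held on the
# USB key; steps (1)-(2) are the customer picking one of them at login.
USB_KEY = {
    "full": issue("customer-001", 1, ["query", "transfer", "payment"]),
    "view": issue("customer-001", 2, ["query"]),
}


def tampered_view_cert() -> dict:
    """The view certificate with a permission added after it was signed."""
    body = dict(USB_KEY["view"]["body"], permissions=["query", "transfer"])
    return {"body": body, "signature": USB_KEY["view"]["signature"]}
```

Because the permissions sit inside the signed body, editing them on the client changes H' and the whole certificate is rejected, including operations it legitimately carried.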
The beneficial effects of the technical solution of the utility model are:
The security level of internet banking is improved and risk is effectively reduced; multiple services are provided to customers, the demands of different customer groups are met, and a safe and efficient internet banking system is created for customers.
The personal internet banking multi-certificate system of the utility model provides individual customers with a personalized, customizable authorization system. As required, an individual customer can apply for and use multiple certificates and set up a multiple authorization system, comprehensively satisfying the various needs of the customer's family finances.
The greatest advantage of internet banking is convenience for the customer; ensuring that the customer's rights and interests are not infringed is the major responsibility of internet banking. The personal internet banking multi-certificate system of the utility model effectively guarantees the safety of customer funds and creates a safe and convenient financial channel.
Description of drawings
The utility model is further described below with reference to the accompanying drawings.
Fig. 1 shows a functional block diagram according to the utility model.
Fig. 2 is a schematic diagram of the network topology of the utility model.
Fig. 3 is an application system architecture diagram of the utility model.
Fig. 4 is a flow chart of the operation steps of the personal internet banking multi-certificate system according to the utility model.
Embodiment
The technical solution of the utility model is mainly aimed at the special requirements of some individual customers. For example, when opening an internet banking customer account, a customer may want to set up an "attached" customer under their own account for their child, so as to understand and manage the child's spending. The technical solution handles this case well and makes operation convenient for the customer.
Fig. 1 shows a functional block diagram according to the utility model: the customer logs in to the internet banking system, selecting one of the different certificates to log in with, and can then operate within the corresponding scope of permissions.
Fig. 2 is a schematic diagram of the network topology of the utility model. It comprises the CA, a router, a firewall, an intrusion detection system, a layer-3 switch and, finally, the RA application server; each gateway, a mail server, an application/database server and a disk array are connected to the layer-3 switch. Two components, the RA application (C/S model) and the CA access module, are deployed on the same IBM OpenPower 710 machine (Suse Enterprise Server V9); the RA database component is deployed on another machine (oracle) and satisfies the network requirements mentioned above. The database software used is oracle. The CFCA RA software comprises: (1) the CA access module; (2) the table space of the RA database; (3) the RA application deployment. As an extension of the CA system, the RA system takes on the management work of certificate issuance. The CFCA RA product consists of three parts: the RA application, the RA database and the CA access module of the RA, referred to for short as the three RA components. The three RA components can be deployed on the same machine, or on two or three machines as required.
The CA system to which this RA system connects is the 863CA system of the China Financial Certification Authority (CFCA); the bank's RA system connects to CFCA over the Internet.
The certificate authority (CA) referred to above:
CA is the abbreviation of the English term Certification Authority. It issues digital certificates to each entity in the e-commerce environment to prove the authenticity of each entity's identity, and is responsible for checking and managing certificates during transactions. It is the authoritative, trustworthy and impartial third-party institution for e-commerce and internet banking transactions.
Fig. 3 is an application system architecture diagram of the utility model. It is divided into the following parts: (1) RA operators access the RA application server through the Web server using a browser; (2) counter operators access the RA application server through the Teller system; (3) the RA application server, according to the commands of the RA operator or counter operator, accesses the CFCA system through the RA gateway by calling the CFCA API; (4) the RA application server operates on the RA database according to the different operations.
The hardware components are specifically:
(1) RA Web server
In the internet banking system, the Web front end of the RA is integrated into the internet banking back-office management interface; therefore, the RA Web server shares the internet banking Web server.
(2) RA application server
In the internet banking system, the RA application is deployed on the bank's application server, physically sharing one application server with the internet banking system.
(3) RA database server
In the internet banking system, the RA database shares the internet banking database server; the RA-related data tables are created, managed and operated in the internet banking database.
(4) RA management terminal
The RA management terminal is a PC running the Windows operating system.
(5) RA access channels
In the internet banking system, the access channels of the RA system comprise the Web mode and the counter mode; the Web mode is integrated into the internet banking back-office management interface.
The operation steps of the system of the utility model, shown in Fig. 4, are mainly as follows:
(1) the customer chooses to log in to the internet banking system by certificate;
(2) the customer selects the certificate to operate with;
(3) the internet banking system authenticates the certificate;
(4) after authentication passes, the relevant operating permissions are determined;
(5) the customer carries out the required internet banking operations.
The utility model has been described herein with reference to specific exemplary embodiments. Suitable substitutions or modifications made without departing from the scope of the utility model will be apparent to those skilled in the art. The exemplary embodiments are illustrative only and do not limit the scope of the utility model, which is defined by the appended claims.

Claims (1)

1. A personal internet banking multi-certificate system, comprising an internet banking system server, a personal internet banking client, a flash disk with a USB interface, and a multi-certificate system module that implements personal internet banking, characterized in that: the customer applies to the internet banking system, through the personal internet banking client, for certificates of different levels and operating permissions, and uses the flash disk with the USB interface to encrypt and decrypt the certificates; under the authentication of the personal internet banking multi-certificate system, the internet banking system provides the corresponding operating permissions; according to the customer's application, the internet banking system server, in combination with the multi-certificate system module, issues the customer a plurality of certificates with different authorizations; each certificate carries different permissions according to the customer's requirements and is stored in the flash disk with the USB interface; and the internet banking server distinguishes the relevant operating permissions according to the login certificate, providing the customer with a multiple authorization system that comprehensively satisfies the customer's various needs.
CN2009201700424U 2009-08-07 2009-08-07 Personal internet banking multi-certificate system Expired - Fee Related CN201570063U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN2009201700424U CN201570063U (en) 2009-08-07 2009-08-07 Personal internet banking multi-certificate system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN2009201700424U CN201570063U (en) 2009-08-07 2009-08-07 Personal internet banking multi-certificate system

Publications (1)

Publication Number Publication Date
CN201570063U (en) 2010-09-01

Family

ID=42662360

Family Applications (1)

Application Number Title Priority Date Filing Date
CN2009201700424U Expired - Fee Related CN201570063U (en) 2009-08-07 2009-08-07 Personal internet banking multi-certificate system

Country Status (1)

Country Link
CN (1) CN201570063U (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102567769A (en) * 2010-12-31 2012-07-11 上海格尔软件股份有限公司 USBKEY with certificate selection
CN102567769B (en) * 2010-12-31 2015-04-01 上海格尔软件股份有限公司 USBKEY with certificate selection
CN105591753A (en) * 2016-01-13 2016-05-18 杭州复杂美科技有限公司 Application method of CA certificate on block chain
CN106603636A (en) * 2016-11-29 2017-04-26 中国银联股份有限公司 Error transaction standardization method and device
WO2018099209A1 (en) * 2016-11-29 2018-06-07 中国银联股份有限公司 Standardisation method and apparatus for erroneous transactions
TWI662501B (en) * 2016-11-29 2019-06-11 中國銀聯股份有限公司 Standard method, device, electronic equipment, non-transitory computer-readable storage medium and computer program product for error transaction
CN108810002A (en) * 2018-06-21 2018-11-13 北京智芯微电子科技有限公司 The more CA application systems and method of safety chip
CN108810002B (en) * 2018-06-21 2020-02-21 北京智芯微电子科技有限公司 Multi-CA application system and method of security chip
CN110336769A (en) * 2019-03-18 2019-10-15 上海飓金嵘通网络科技有限公司 A kind of trans-departmental electronic certificate application method and device based on mobile phone wallet

Legal Events

Date Code Title Description
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20100901

Termination date: 20160807
